<?php

if($action=='login')
{
	$msg = '';
	$validate = array(
		'email' => array('type'=>'email'),
		'pass' => array('type'=>'string','min_length'=>6, 'max_length'=>16),	
	);
	$result = Validate::multiple($_POST, $validate);
	if(!$result['email'])$msg = "邮件格式不正确!";
	if(!$result['pass'])$msg = "密码格式不正确!";
	$sql = "select * from users where email like '$email' and pass='$pass'";
	$rs = $db1->query($sql);
	if(!$row = $rs->fetch())$msg = "邮箱名称或密码错误,请重新尝试";
	else
	{
		$session = base64_encode($row['email'].'||'.$row['pass']);
		scookie('session', $session, time()+86400);
		$db1->exec("update users set session='$session' where uid='$row[uid]'");
	}
	goURL($conf['site_url'],$msg);
}

if($action=='logout')
{
	scookie('session', '', time()-3600);
	goURL($conf['site_url']);
	exit();
}
?>